According to Agiliance CEO Joe Fantuzzi, the standard for assessing the risks in cloud computing platform is SAS 70, which Fantuzzi says does little to address risk and security issues.

Cloud Risk Management consists of three modules for assessing vulnerabilities, ongoing monitoring and auditing. The first two modules are available now, while the auditing module is awaiting some ratification of a set of cloud computing auditing guidelines being developed by the Cloud Security Alliance.

Fantuzzi says that when a IT organization moves to a private and public cloud infrastructure running virtual machine software, visibility over governance, risk management and compliance (GRC) issues diminishes greatly. As a result, Fantuzzi says the divide between IT operations and security information management becomes even wider.

While there are no formal processes for auditing cloud computing platforms, Fantuzzi says that the Agiliance service will go a long way toward not only providing some real world information about a platform's level of cloud readiness, but for the first time some real transparency into the operations of a cloud computing provider as it relates to GRC.

The price of the Cloud Risk Management service starts at $37,500 a year.

Skytap offers a powerful 'hybrid' cloud computing solution for dynamic IT workloads that goes well beyond basic 'Infrastructure-as-a-Service' offerings. There are always inherent risks with trying something new. We invite anyone to ask us the hard questions. For those that want to try a Cloud Provider before buying you can sign up for a free trial of Skytap Cloud here: www.skytap.com.